Commit 8053fc3d authored by Herbert Xu's avatar Herbert Xu

[IPSEC]: Temporarily remove locks around copying of non-atomic fields

The change 050f009e

	[IPSEC]: Lock state when copying non-atomic fields to user-space

caused a regression.

Ingo Molnar reports that it causes a potential dead-lock found by the
lock validator as it tries to take x->lock within xfrm_state_lock while
numerous other sites take the locks in opposite order.

For 2.6.24, the best fix is to simply remove the added locks as that puts
us back in the same state as we've been in for years.  For later kernels
a proper fix would be to reverse the locking order for every xfrm state
user such that if x->lock is taken together with xfrm_state_lock then
it is to be taken within it.
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 7f9c33e5
...@@ -1015,9 +1015,7 @@ static inline struct sk_buff *pfkey_xfrm_state2msg(struct xfrm_state *x) ...@@ -1015,9 +1015,7 @@ static inline struct sk_buff *pfkey_xfrm_state2msg(struct xfrm_state *x)
{ {
struct sk_buff *skb; struct sk_buff *skb;
spin_lock_bh(&x->lock);
skb = __pfkey_xfrm_state2msg(x, 1, 3); skb = __pfkey_xfrm_state2msg(x, 1, 3);
spin_unlock_bh(&x->lock);
return skb; return skb;
} }
......
...@@ -507,7 +507,6 @@ static int copy_to_user_state_extra(struct xfrm_state *x, ...@@ -507,7 +507,6 @@ static int copy_to_user_state_extra(struct xfrm_state *x,
struct xfrm_usersa_info *p, struct xfrm_usersa_info *p,
struct sk_buff *skb) struct sk_buff *skb)
{ {
spin_lock_bh(&x->lock);
copy_to_user_state(x, p); copy_to_user_state(x, p);
if (x->coaddr) if (x->coaddr)
...@@ -515,7 +514,6 @@ static int copy_to_user_state_extra(struct xfrm_state *x, ...@@ -515,7 +514,6 @@ static int copy_to_user_state_extra(struct xfrm_state *x,
if (x->lastused) if (x->lastused)
NLA_PUT_U64(skb, XFRMA_LASTUSED, x->lastused); NLA_PUT_U64(skb, XFRMA_LASTUSED, x->lastused);
spin_unlock_bh(&x->lock);
if (x->aalg) if (x->aalg)
NLA_PUT(skb, XFRMA_ALG_AUTH, alg_len(x->aalg), x->aalg); NLA_PUT(skb, XFRMA_ALG_AUTH, alg_len(x->aalg), x->aalg);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment